3. Threat model
<nemanja@hacke.rs>
MCU
OLED
USB
Comm MCU
USB
Main MCU
OLED
https://blog.trezor.io/details-about-the-security-updates-in-trezor-
one-firmware-1-6-2-a3b25b668e98
https://saleemrashid.com/2018/03/20/breaking-ledger-security-model/
Secure MCU
6. Code layers
<nemanja@hacke.rs>
UART SPI GPIO LTC MMCAUCRC TRNG
https://gitlab.com/nemanjan/hwallet
NXP K82 OLED
To
Communication
MCU
Tx/Rx speed fixed
to 115200 bps
SPI bus clocked at
1 MHz
Bitcoin
TX
SHA256D
nonce
ECDSA:
secp256k1
TX Signature
7. Code layers
<nemanja@hacke.rs>
UART SPI GPIO LTC
Packet OLED
MMCAUCRC TRNG
Crypto
https://gitlab.com/nemanjan/hwallet
typedef struct {
uint16_t type;
uint16_t length;
uint8_t data[32];
uint32_t crc;
} Packet;
PACKET_Send();
PACKET_Receive();
typedef struct {
SPIx* spi;
GPIOx* dcGpio;
GPIOx* rstGpio;
uint8_t dcPin;
uint8_t rstPin;
uint8_t buffer[ ];
} OLED;
OLED_WriteRow();
OLED_Clear();
CRYPTO_Random();
CRYPTO_SHA256();
CRYPTO_ECDSA_Sign();
CRYPTO_ECDSA_GetPublicKey();
typedef struct {
uint8_t num[32];
uint8_t len;
} Bignum;
CRYPTO_Bignum_Init();
CRYPTO_Bignum_Mod();
CRYPTO_Bignum_Div();
CRYPTO_Bignum_Sub();
CRYPTO_Bignum_IsNull();
B' = (1/B) mod N
A' = A – A mod B
(A/B) mod N = (A'B') mod N
N - a large prime, larger than
any A or B, e.g. p from
secp256k1
8. Code layers
<nemanja@hacke.rs>
UART SPI GPIO LTC
Main Loop
Packet OLED
MMCAUCRC TRNG
Crypto
https://gitlab.com/nemanjan/hwallet
while(1) {
Packet msg;
PACKET_Receive(&msg);
switch(PACKET_MODULE(msg.type)) {
case PACKET_BITCOIN:
Bitcoin_Process(&msg);
...
};
}
Module Function
Packet type
15 8 7 0